How to set up a decentralized overlay network using N2N
I first came across N2N last year during my stay at the Cybermedia Center, Osaka University, though I didn’t get involved with it that much. Fast forward to the present: for my current project (I may blog about it later if I feel like it), I need to set up an L2 overlay network, so N2N came to mind. N2N is basically yet another piece of VPN software. Since I’m lazy, I’ll just shamelessly steal the description from the official N2N site.
n2n is a layer-two peer-to-peer virtual private network (VPN) which allows users to exploit features typical of P2P applications at network instead of application level. This means that users can gain native IP visibility (e.g. two PCs belonging to the same n2n network can ping each other) and be reachable with the same network IP address regardless of the network where they currently belong. In a nutshell, as OpenVPN moved SSL from application (e.g. used to implement the https protocol) to network protocol, n2n moves P2P from application to network level.
The main advantage of N2N is its ease of use and versatility. It can pierce a firewall with no extra configuration. This makes VPN deployment really, really simple… at the expense of performance, though. I won’t go into further detail since it would deviate from the main purpose of this post.
To make N2N actually decentralized, we need to deploy multiple supernodes. This feature is currently not available in the stable version of N2N. Luckily, it was already implemented in the N2N v2 fork. (A fork of software which is still unreleased?!) The paper on this feature was there along with the source as well. How did I know of this? Well, it started from my random ranting email to the developer about this missing feature. He’d been very nice and told me about this hidden undocumented feature and helped me a lot with my testbed deployment (Cheers, Costin!). For the purpose of this tutorial, I’ll deploy 2 supernodes and 2 edges, each on a different machine, so there are 4 machines in total. Without further ado, let’s get started!
- Grab the source from Github.
- Compile it with the flag “SNM=yes” to enable the multiple supernode feature and install it on every machine you plan to connect to the network. Don’t worry, it’s very simple and fast.
S1$ make SNM=yes
S1$ make install PREFIX=/some/random/directory/for/easy/uninstallation/i/recommend/something/like/home/me/.n2n
S2$ # The same as S1
- From this point onward, there will be some undocumented parameters, so please pay attention. Start the first supernode with the -s flag and the supernode port (SNM_PORT) in addition to the usual N2N port.
S1$ supernode -s SNM_PORT -l N2N_PORT
- For each subsequent supernode, use -i SUPERNODE_IP:SUPERNODE_PORT to connect to an existing supernode. It doesn’t have to be the first one; just point it to any supernode in your supernode network.
S2$ supernode -s SNM_PORT -l N2N_PORT -i S1_IP:SNM_PORT
- As for edges, use the -x parameter to set SNM_PORT on the edge. Note that if you run both a supernode and an edge on the same machine, they can’t use the same port. In this example, the supernodes and edges are all on different machines, so there is no problem.
E1$ edge -x SNM_PORT -d TAP_DEVICE_NAME -a N2N_IP -s N2N_SUBNET -c COMM_NAME -k COMM_KEY -l S1_IP:SNM_PORT
E2$ edge -x SNM_PORT -d TAP_DEVICE_NAME -a N2N_IP -s N2N_SUBNET -c COMM_NAME -k COMM_KEY -l S2_IP:SNM_PORT
If all goes well, congratulations! You’ve just set up an overlay network in 4 commands! If not, you could try adding “-v -v -f > logfile.log” to each edge and supernode command to create log files.
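The four commands above, generated from a single node list, with a check for the port clash mentioned in the edge step. This is an added example, not code from this post or the N2N project; the ports, addresses, community and device names are constructed sample values, and the helper function names are hypothetical.

```sh
#!/bin/sh
# Added example, not from the N2N project: print the testbed's launch commands.
# Ports, addresses and names are constructed sample values.
SNM_PORT=7655; N2N_PORT=7654; COMM=mynet; TAP=n2n0; SUBNET=255.255.255.0

# supernode_cmd [PEER_IP]: the first supernode has no peer, later ones add -i.
supernode_cmd() {
    cmd="supernode -s $SNM_PORT -l $N2N_PORT"
    if [ -n "$1" ]; then cmd="$cmd -i $1:$SNM_PORT"; fi
    printf '%s\n' "$cmd"
}

# edge_cmd X_PORT OVERLAY_IP SUPERNODE_IP: COMM_KEY stays a placeholder.
edge_cmd() {
    printf '%s\n' "edge -x $1 -d $TAP -a $2 -s $SUBNET -c $COMM -k COMM_KEY -l $3:$SNM_PORT"
}

# plan: read "supernode HOST" / "edge HOST X_PORT OVERLAY_IP SUPERNODE_IP"
# lines (supernodes first) and print "HOST$ command" for each node.
# Returns 1 if an edge reuses SNM_PORT on a host that also runs a supernode.
plan() {
    sn_hosts=" "; first_sn=""; rc=0
    while read -r role host xport ip sn; do
        case "$role" in
        supernode)
            printf '%s$ %s\n' "$host" "$(supernode_cmd "$first_sn")"
            if [ -z "$first_sn" ]; then first_sn="$host"; fi
            sn_hosts="$sn_hosts$host " ;;
        edge)
            case "$sn_hosts" in *" $host "*)
                if [ "$xport" = "$SNM_PORT" ]; then
                    echo "error: edge on $host must not use port $xport" >&2
                    rc=1; continue
                fi ;;
            esac
            printf '%s$ %s\n' "$host" "$(edge_cmd "$xport" "$ip" "$sn")" ;;
        esac
    done
    return "$rc"
}

# Constructed 4-machine testbed: two supernodes, two edges.
plan <<'EOF'
supernode 192.0.2.1
supernode 192.0.2.2
edge 192.0.2.11 7655 10.0.0.1 192.0.2.1
edge 192.0.2.12 7655 10.0.0.2 192.0.2.2
EOF
```

The script only prints the command lines; it does not start supernode or edge itself.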
- If you need to stop N2N, it’s not very simple. I don’t know if it’s the cleanest method but this is how I do it.
S1$ # Supernode
S1$ killall supernode
E1$ # Edge
E1$ nc -u localhost 5644 # Open a UDP connection to the default edge management port and send the 'stop' command
stop
That should do it. If you have any problems, you could contact me or the N2N developer. Finally, before I finish this post, I have one more piece of advice for you. DON’T DO A GOOGLE IMAGES SEARCH USING THE TERM N2N!